A major data breach has shaken the US government. Classified papers, such as intricate floor plans of the White House, were visible to 11,000 workers in the General Services Administration (GSA). This staggering exposure covered both the Trump and Biden administrations. It comes shortly after a recent leak on the Signal app about US military activities in Yemen.
The incident reveals fundamental vulnerabilities in the US’s protection of non-classified but sensitive information. It also points to lingering threats to national security.
Wide Distribution of Classified-Like Data Within GSA
The breach was revealed in a recent internal audit. GSA’s IT department discovered a Google Drive folder that provided open access to its entire staff. Approximately 11,000 staff members had permission to view, edit, and potentially share sensitive documents.
Over 11,000 people accidentally gained access to a Google Drive map containing secret plans for the construction of the White House – Washington Post … The documents included, among other things, floor plans, details about a blast-proof door, and banking information from a… pic.twitter.com/UAqRrAhgbt
— Darkness BösarTiger ⚜️????? (@20gimsack) April 21, 2025
The leaked materials comprised White House East and West Wing floor layouts, blast door suggestions, and vendor banking information. Some reports even bore the CUI (Controlled Unclassified Information) label. These documents were not classified top-secret but nevertheless sensitive and not intended for large-scale distribution.
Editable Files Make Matters Worse
Of 15 documents analyzed, 10 could be edited. Any GSA employee might have altered or meddled with them. The editable access began in March of 2021 and persisted all the way up to the current Trump administration. A significant leak was said to have taken place just last week.
This exposure is particularly concerning after January 6, 2021, when a mob breached the Capitol. Were such documents to fall into the hands of unfriendly agents, the damage might be great. Plans utilizing White House security specifics, like an intended blast door for the Visitor Centre, may be of ill use in wrong hands.
Reports indicate GSA career staff placed the documents in the shared folder. There’s no indication of malicious intent as yet, but the oversight is serious. Investigations are ongoing to see if anybody downloaded or distributed the files.
GSA Faces Backlash, Announces Security Reforms
The GSA has secured the leaked files and shut down access. It now comes under fire from cybersecurity professionals and government overseers. Most contend that such a broad release of sensitive information should never have been allowed. Professionals deem this a “monumental failure” in electronic document control.
As a response, the GSA is re-examining its file-sharing policies and increasing staff training to avoid such failures.
Poor Internal Security: Greater Threat Than Foreign Hackers
While governments tend to be concerned with foreign hackers or cyberattacks, this violation proves that mismanagement from within may be as destructive. Failure at security within the trusted institutions gives rise to soft spots without requiring one line of offending code.
The take here is simple: internal access controls must receive as much attention as outer cybersecurity protections.
